Rising security threats
28th November 2005 (Computimes)

THREATS to enterprise information systems will continue to be more allusive next year, using more sophisticated and covert techniques. These techniques include blended social engineering and technical subterfuge attacks, automated systems based on Trojaning schemes, session hijacking systems, Trojan-type phishing systems and spyware, according to the National ICT Security and Emergency Response Centre (Niser).

Also on the rise will be wireless-based threats, where the privacy of information transmitted will be intercepted illegally at hotspot centres and other related installations of wireless communications, said Niser's director Lt Col Husin Jazri.

Poorly secured Web servers will become easy targets for intrusion activities while worm and Trojan attacks will mainly be a technique integrated into phishing attacks and spamming, he said, adding that another major concern for next year is the unrelenting growth of spam.

"Spam continues to grow by an average of 30 per cent per month and comes in many forms, carrying threats such as adware and spyware with it, and shares techniques borrowed from other malware and phishing e-mail."

Mobile security, according to Husin, is another area enterprises need to look into.

"As more organisations are equipping employees with Palm-based personal digital assistants and Windows CE devices, including smartphones, the possibility of virus infections is there. Even though reported infections have been low to date, the increased functionality of the phones will change the situation," he said.

Attackers are increasingly able to monitor, capture and hijack sessions taking place over wireless networks, and these illegitimate activities are made easier by poor configuration of these devices, lack of encryption and inadequate authentication requirements.

Over the past couple of years, the number of local wireless local area networks (WLANs) in enterprises and other locations has increased noticeably. It is now common to find WLAN connections in such places as coffee shops, airports and hotels.

"While such initiatives provide an alternative method for users to connect to the Internet, they often neglect important security implications of wireless deployment. The growing number of people using wireless connectivity has brought a corresponding increase in the number of concerns posed by insecure wireless access points," Husin said.

Nonetheless, he believes that many local organisations will have proper security measures in place to safeguard against the above-mentioned threats next year.

"Companies, organisations and corporations are no longer taking ICT security for granted as in previous years, and they are aware of the risks associated to security threats.

"However, local corporations must take note that more sophisticated techniques will be used in cyber attacks in the coming years in addition to traditional attacks. Thus, they need to be prepared in defending against new types of attack techniques," he said.

Meanwhile, security solutions provider Trend Micro has estimated that by end of next year almost 80 per cent of all e-mails will either be unwanted advertising or virus-ridden.

"This glut of e-mail requires enterprise clients to deploy better filtering services and comprehensive anti-virus and anti-spyware software solutions. Spam volume is driving down staff productivity, limiting the availability of bandwidth, and putting undue pressure on e-mail infrastructure and resources," said its country manager Wong Joon Hoong.

For Symantec Malaysia, current as well as future threats will be motivated by profit rather than just a desire to show off technical virtuosity. Based on the Symantec Internet Security Threat Report Volume 8, the number of phishing attempts increased by 90 per cent from June to December 2004 to January to June 2005.

"Phishing e-mails are evolving to evade anti-spam and anti-phishing filters. This is driving new innovation in methods of evasion, particularly in the use of randomised changes in phishing messages," said its general manager C.M. Woon.

In terms of investment trends, he said enterprises will continue to invest heavily in hardware and software security solutions to protect their IT infrastructure.

"Companies need to focus on building a resilient IT infrastructure. This infrastructure must take into account access to information (availability) and risk (how secure the information is, and how safe it is from attacks or mishaps)."

To balance access and risk, Woon said chief information officers and IT managers have to take a holistic approach and manage information security and information availability together to ensure the integrity of business information.

Among the areas of priority for enterprises to look at next year are secure content management, path management and policy enforcement, end point security and administration control, and identity and access management.